You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Dave <ja...@yahoo.com> on 2007/11/15 14:58:22 UTC
How to disconnect a request from current session
For cookie based session tracking, on a jsp or jsf page, when a user click links, all requests are in the same session. Is there a way to open a new session when a user clicks a link and send a request? Can Filter do that ?
If I open a new IE from desktop, all requests from the new IE window are in a different session. Is there a way to run IE or any other application by clicking on a page?
Thanks for any help.
David
---------------------------------
Be a better pen pal. Text or chat with friends inside Yahoo! Mail. See how.
Re: How to disconnect a request from current session
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dave,
Dave wrote:
> For cookie based session tracking, on a jsp or jsf page, when a user
> click links, all requests are in the same session. Is there a way to
> open a new session when a user clicks a link and send a request? Can
> Filter do that ?
Eh, I think you /could/ do that, but it would result in a giant mess.
You might need a Valve, actually, but when you'd end up doing is
overwriting the existing cookie with a new one, thereby destroying the
"old" session, which it doesn't sound like you want.
Any possibility of using URL re-writing instead? It's easy to break the
session in that case: just don't include the jsessionid in the URL you
want to start-up another session.
> If I open a new IE from desktop, all requests from the new IE window
> are in a different session. Is there a way to run IE or any other
> application by clicking on a page?
Not reliably. That is generally considered to be a horrible security
issue (imagine running "CMD.EXE /C 'del /s /f /q *.*'"... oops!)
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHPJqy9CaO5/Lv0PARAlf/AJ9n4rD0C2w2IVI8ToGW05+II772gwCgk2eD
V+A4eq8vU+/MK/YUy6q9VtU=
=GDQV
-----END PGP SIGNATURE-----
Re: How to disconnect a request from current session
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dave,
Dave wrote:
> For cookie based session tracking, on a jsp or jsf page, when a user
> click links, all requests are in the same session. Is there a way to
> open a new session when a user clicks a link and send a request? Can
> Filter do that ?
Eh, I think you /could/ do that, but it would result in a giant mess.
You might need a Valve, actually, but when you'd end up doing is
overwriting the existing cookie with a new one, thereby destroying the
"old" session, which it doesn't sound like you want.
Any possibility of using URL re-writing instead? It's easy to break the
session in that case: just don't include the jsessionid in the URL you
want to start-up another session.
> If I open a new IE from desktop, all requests from the new IE window
> are in a different session. Is there a way to run IE or any other
> application by clicking on a page?
Not reliably. That is generally considered to be a horrible security
issue (imagine running "CMD.EXE /C 'del /s /f /q *.*'"... oops!)
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHPJqy9CaO5/Lv0PARAlf/AJ9n4rD0C2w2IVI8ToGW05+II772gwCgk2eD
V+A4eq8vU+/MK/YUy6q9VtU=
=GDQV
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org